1. Field
The present disclosure relates generally to security in data processing systems, and more particularly, to encryption and authentication techniques in data processing systems.
2. Background
In a number of diverse fields, such as electronic commerce, communications, and broadcasting, security is a major concern. Security measures contribute to accountability, fairness, accuracy, confidentiality, operability, and other criteria that are desired of data processing systems. Cryptographic methods that provide such security are usually categorized according to two purposes: encryption and authentication. Encryption is used to render a message unreadable to unauthorized parties. Authentication is used to verify the identity of the sender and to verify that the message has not been altered in transit.
Traditional cryptographic methods have required that the entire message be encrypted. In many situations, this does not present a problem. However, some protocols require that part of the message be transmitted in an unencrypted form. A common example is a packet header used for addressing purposes on the Internet. In these situations, it is desirable to authenticate both the encrypted and unencrypted portions of the message together to reduce the computational load and increase the speed of the authentication process.
In the past, protocol designers have devised several approaches for authenticating a partially encrypted message. “Authenticated Encryption with Associated Data” (AEAD) is just one example of such an approach, and is well known in the art. AEAD provides a block cipher methodology for encryption and authentication. However, block ciphers are less efficient and less convenient than stream ciphers. Accordingly, there is a need in the art for a stream cipher that provides both secure encryption and authentication of partially encrypted messages.
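The partially encrypted message described above, shown as an added example that is not part of the original disclosure: a cleartext header and an encrypted payload covered by one authentication tag. The keystream generator (HMAC-SHA256 in counter mode) and the encrypt-then-MAC composition are stand-ins chosen for illustration, not the scheme of the disclosure; every function name, key and sample packet is constructed.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in keystream (HMAC-SHA256 in counter mode), for illustration only.
    # A (key, nonce) pair must never be reused, or keystreams repeat.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _tag(mac_key: bytes, header: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    # Length-prefix the header so the header/ciphertext boundary cannot be shifted.
    data = struct.pack(">Q", len(header)) + header + nonce + ciphertext
    return hmac.new(mac_key, data, hashlib.sha256).digest()


def seal(enc_key, mac_key, nonce, header, payload):
    """Return header (in the clear) || ciphertext || tag; one tag covers both parts."""
    ks = _keystream(enc_key, nonce, len(payload))
    ciphertext = bytes(p ^ k for p, k in zip(payload, ks))
    return header + ciphertext + _tag(mac_key, header, nonce, ciphertext)


def open_(enc_key, mac_key, nonce, header_len, packet):
    """Verify the tag over header and ciphertext, then decrypt; ValueError on tampering."""
    if len(packet) < header_len + TAG_LEN:
        raise ValueError("packet too short")
    header = packet[:header_len]
    ciphertext = packet[header_len:-TAG_LEN]
    tag = packet[-TAG_LEN:]
    # Constant-time comparison, and no decryption before the tag checks out.
    if not hmac.compare_digest(tag, _tag(mac_key, header, nonce, ciphertext)):
        raise ValueError("authentication failed")
    ks = _keystream(enc_key, nonce, len(ciphertext))
    return header, bytes(c ^ k for c, k in zip(ciphertext, ks))


# Constructed sample values (not from the disclosure).
ENC_KEY, MAC_KEY = bytes(range(32)), bytes(range(32, 64))
NONCE = b"\x00" * 11 + b"\x01"
HEADER, PAYLOAD = b"dst=10.0.0.7;len=16;", b"transfer 100 USD"
PACKET = seal(ENC_KEY, MAC_KEY, NONCE, HEADER, PAYLOAD)
```

Changing a single byte of either the readable header or the ciphertext makes `open_` raise before any plaintext is released.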